CVE-2025-54352

July 20, 2025 invoker category_cve

CVE Details

Basic Information

Title CVE-2025-54352
Type cve
Published 2025-07-21T00:00:00.000Z
Modified 2025-07-21T04:27:10.814Z

Product Information

Vendor WordPress
Product WordPress
Version 3.5

CVSS Information

Base Score 3.7 (LOW)
Attack Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products

  • WordPress WordPress 3.5

Additional Information

CWE List CWE-669
Source mitre

Description

WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.